|Published||November 12, 2023|
|Location||St. Louis, MO|
***This position is onsite in St. Louis, MO***
Combine technical security engineering and executive-level business consulting expertise to deliver innovative commercial Cloud strategic planning and technical solutions. Perform extensive research and analysis of our Cloud environments and delivery models, system security monitoring, tuning and alerting recommendations. Assess and document vendor vs application owner responsibilities for vulnerability scanning, remediation, and mitigation, including risk assessments and risk reporting. Maintain responsibility for analyzing and continuously monitoring Cybersecurity and privacy policies, programs, compliance artifacts, or standards for security compliance, systems authorization, and management in a commercial Cloud environment. Monitor, analyze and report on the establishment of tactics, techniques, and procedures (TTPs) for application owners.
• 4+ years of relevant work experience.
• Experience in application vulnerability assessments, Testing and execution
• 4+ years of experience in Information Security (Vulnerability Management, Incident Response, install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs).
• Experience with researching emerging technologies, including commercial, mobile, and Cloud service providers (AWS, Azure)
• Experience with Cloud Cybersecurity efforts and emerging technology aligned with NIST, SOC2 or other equivalent Frameworks.
• Outstanding communication, analytical skills and ability to function in a globally diverse work environment.
• Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
• Experience in system technology security testing (vulnerability scanning and penetration testing).
• Experience in application technology security testing (white box, black box and code review).
• Splunk, Sentinel or other equivalent SEIM technologies
• Azure, Google Cloud Platform, AWS
• Palo Alto NGFW, Prisma
• 5+ years’ experience in systems and network monitoring technologies and tools
• 4 or more years’ experience in designing solutions or applications with programming technologies and tools
• Experience working with SOAR platforms is a plus.
• 6 + years of experience with public and hybrid cloud environments.
Preferred technology experience
• SANS GIAC
Cloud Security Analyst